<?php
session_start();
require_once( 'configs/config.php' );
require_once( 'lib/db.php' );

if( $_SERVER['REQUEST_METHOD'] == 'GET' )
{
	echo 'No post.';
	exit;
}

if( !$_GET['id'] )
{
	echo 'No ID';
	exit;
}
else
{
	$id = $_GET['id'];
}

$formFields = array( 'Person', 'Amount', 'Reason', 'Date');

foreach( $formFields as $field )
{
	$form[ $field ] = htmlentities( trim( $_POST[ $field ] ), ENT_QUOTES );
	$form[ $field ] = $db->escape( $form[ $field ] );
}

// Insert into the database
$query = 'UPDATE payments SET UserUID = \'' .  $form['Person'] . '\', `Amount` = \'' . $form['Amount'] . '\', `Reason` = \'' . $form['Reason'] . '\', `Date` = \'' . $form['Date'] . '\' WHERE `PaymentUID` = \'' . $id .  '\'';

if( $db->query( $query ) )
{
	include_once('payments.php');
}
else
{
	echo 'Error';
}
?>